Recently, in response to malicious code analysis, techniques were developed to detect application analysis, tracing and debugging tasks based on parsing prevention. Consequently, application analyzers are experiencing difficulties having to analyze samples and find solutions manually.
Additionally, to enable an application to run, first the main activity is executed, then the next activity is executed by an input value transmitted from the previous activity or trigger, and in case that there is an error in antecedent condition, the application may stop running. In this case, dynamic analysis is limitedly conducted, failing to provide accurate analysis results. Moreover, recently malicious code is becoming intelligent; for example, operating after executing some libraries. Accordingly, in order to prevent malicious code that evolves with the development of technology, there is a need for a new dynamic analysis method.